 |
|
8000XXXX Errors Alerts ASP.NET 2.0
Classic ASP 1.0 COM / ActiveX Components Forms General Topics Date/Time Routines Email Scripts & Info Files/Directories & FSO Databases General Concepts Search Engine Optimization (SEO)Search
ASP FAQ Tutorials :: Classic ASP 1.0 :: Files/Directories & FSO :: How do I prevent people from 'leeching' my images?
How do I prevent people from 'leeching' my images?
Many people have expressed concern that other users have tried to 'steal' or 'leech' their images, simply by referencing them in their own HTML pages. For example, you can easily put the following line of code into your own pages, hosted anywhere:
And of course my logo will show up on your page.
Here is one way to get around this, making it easy for you to host all of your images and not worry about others being able to 'borrow' them. Place your image file(s) in a folder, either in an unknown spot in your webroot or outside of your webroot altogether, and then use the following code (which plops c:\okay.gif into the browser if the request came from the same domain, otherwise it returns c:\warning.gif - which can be as effective as you make it in having people tear down their references to your image(s)):
Then simply reference this ASP file in your other pages:
You may want to add other clauses for other domains your site may be referenced as, such as localhost, 127.0.0.1, its 'real' IP address, etc. etc. You may also want to generate the IMG SRC tags using known parameters such as width and height (for the tag itself) and the 'okay' filename (to pass via the querystring).
This method will definitely affect performance, so you will have to measure for your environment and decide whether the tradeoff is acceptable.
Protecting the images themselves
Now, as we know, it's virtually impossible to prevent people from taking your images when they browse your web site, e.g. saving them to their hard drive and re-using them. While they will always be able to use the PrintScreen button (or one of the many shareware / commercial screen scrapers out there), there are several things you can do to prevent the casual user from using the most common methods:
Protecting Your Images on the Web
| <IMG SRC=http://www.aspfaq.com/img/nld.jpg> |
And of course my logo will show up on your page.
Here is one way to get around this, making it easy for you to host all of your images and not worry about others being able to 'borrow' them. Place your image file(s) in a folder, either in an unknown spot in your webroot or outside of your webroot altogether, and then use the following code (which plops c:\okay.gif into the browser if the request came from the same domain, otherwise it returns c:\warning.gif - which can be as effective as you make it in having people tear down their references to your image(s)):
| <% ref = lcase(Request.ServerVariables("HTTP_REFERER")) if instr(ref, lcase("YOUR_DOMAIN_NAME"))>0 then fn = "okay.gif" else fn = "warning.gif" end if FPath = "c:\" & fn Set adoStream = CreateObject("ADODB.Stream") adoStream.Open() adoStream.Type = 1 adoStream.LoadFromFile(FPath) Response.BinaryWrite adoStream.Read() adoStream.Close: Set adoStream = Nothing Response.End %> |
Then simply reference this ASP file in your other pages:
| <IMG SRC=imageFile.asp> |
You may want to add other clauses for other domains your site may be referenced as, such as localhost, 127.0.0.1, its 'real' IP address, etc. etc. You may also want to generate the IMG SRC tags using known parameters such as width and height (for the tag itself) and the 'okay' filename (to pass via the querystring).
This method will definitely affect performance, so you will have to measure for your environment and decide whether the tradeoff is acceptable.
Protecting the images themselves
Now, as we know, it's virtually impossible to prevent people from taking your images when they browse your web site, e.g. saving them to their hard drive and re-using them. While they will always be able to use the PrintScreen button (or one of the many shareware / commercial screen scrapers out there), there are several things you can do to prevent the casual user from using the most common methods:
Protecting Your Images on the Web
Related Articles
Can I include a file in both server-side and client-side script? Can I read / write a user's file without a prompt? Can I rename a file using FileSystemObject? Could I get some help working with files using FileSystemObject? How do I avoid 'the red x' when an image is missing? How do I change the modified time of a file? How do I create / manipulate images from ASP? How do I dynamically include files? How do I find the owner, author, and other properties of a file? How do I get a list of a folder's subfolders? How do I get the name of the current URL / page? How do I prevent people from 'leeching' my CSS or JS files? How do I retrieve a random file from a given folder? How do I send the correct filename with BinaryWrite? How do I sort a list of files? How do I use FileSystemObject to create a file on the client? Why do I get 'Disk not ready' errors with FileSystemObject? Why do I get 'Invalid procedure call or argument'? Why do I get 'Path not found' errors with Scripting.FileSystemObject? Why do I get 'Permission Denied' errors with FileSystemObject? Why do I get 800A0034 errors? Why do I get 800A003E / Input past end of file errors? Why do I get 800A0BBA errors? Why do I get 800A0BBC errors? Why do I get an 'Invalid Path Character' error? Why do I get permissions errors after upgrading to Windows XP? Why does FileSystemObject hang all of a sudden? Why is 'the operation completed successfully' an error message?